Manual:IP/Cloud: Difference between revisions

From MikroTik Wiki
Jump to navigation Jump to search
← Older editNewer edit →
Line 11: Line 11:
{{Note|Since RouterOS v6.27 "ip cloud enabled" is renamed to "ip cloud ddns-enabled" this may require some changes in scripts if you are using this feature in a script.}}
{{Note|Since RouterOS v6.27 "ip cloud enabled" is renamed to "ip cloud ddns-enabled" this may require some changes in scripts if you are using this feature in a script.}}


'''The cloud service provides these services: '''
= Services =


* ddns (provide dns name for router's WAN IPv4 and/or IPv6 address)
== DDNS ==
* approximate time (accuracy of several seconds, depends on UDP packet latency, useful when NTP is not available)
* time zone detection (if enabled, clock time zone will be updated even when DDNS and update time are disabled)


{{Note | To actually connect to the router using the DNS name provided by cloud server, user must configure router's firewall to permit such access from the WAN port. (Default MikroTik configuration does not permit access to services such as WebFig, WinBox etc. from WAN port)}}
DDNS or Dynamic DNS is a service that updates the IPv4 address for A records and the IPv6 address for AAAA records periodically. Such a service is very useful when your ISP has provided a dynamic IP address that changes periodically, but you always need an address that you can use to connect to your device remotely. Below you can find operation details that are relevant to the IP Cloud's DDNS service:
 
* Checks for outgoing IP address change: every 60 seconds
* Waits for the MikroTik's Cloud server's response: 15 seconds
* DDNS record TTL: 60 seconds
* Send encrypted packets to '''cloud.mikrotik.com''' or '''cloud2.mikrotik.com''' using UDP/15252 port
 
{{ Note | Since RouterOS v6.43 your device will use '''cloud2.mikrotik.com''' to communicate with the MikroTik's Cloud server. Older versions will use '''cloud.mikrotik.com''' to communicate with the MikroTik's Cloud server. }}
 
Since RouterOS v6.43 if your device is able to reach '''cloud2.mikrotik.com''' using IPv6, then a DNS '''AAAA''' record is going to be created for your public IPv6 address. If your device is only able to reach cloud2.mikrotik.com using IPv4, then only a DNS '''A''' record is going to be created for your public IPv4 address.
 
{{ Note | IP/Cloud requires a working license on Cloud Hosted Router (CHR). }}
 
To enable the DDNS service:
<pre>
[admin@MikroTik] /ip cloud set ddns-enabled=yes
[admin@MikroTik] /ip cloud print
        ddns-enabled: yes
          update-time: yes
      public-address: 159.148.147.196
  public-address-ipv6: 2a02:610:7501:1000::2
            dns-name: 529c0491d41c.sn.mynetname.net
              status: updated
</pre>
 
{{ Note | When the service is enable, a DNS name will be stored on the MikroTik's Cloud server permanently and this DNS name will resolve to the last IP that your IP has sent to the MikroTik's Cloud server. }}


{{Warning | Be aware that if router has multiple public IP addresses and/or multiple internet gateways, the exact IP used for the update may not be as expected!}}
{{Warning | Be aware that if router has multiple public IP addresses and/or multiple internet gateways, the exact IP used for the update may not be as expected!}}
To disable the DDNS service:
<pre>
/ip cloud set ddns-enabled=no
</pre>
{{ Note | When the service is disable, your device sends a command to the MikroTik's Cloud server to remove the stored DNS name. }}
To manually trigger a DNS update:
<pre>
[admin@MikroTik] > /ip cloud force-update
</pre>
{{Note | To actually connect to the device using the DNS name provided by cloud server, user must configure router's firewall to permit such access from the WAN port. (Default MikroTik configuration does not permit access to services such as WebFig, WinBox etc. from WAN port)}}
== Update time ==
Correct time on a device is important, it cause issues with the system's logs, break HTTPS connectivity to the device, tunnel connectivity and other issues. To have your system's clock updated, you can use [[ Manual:System/Time#NTP_client_and_server | NTP]] or [[ Manual:System/Time#SNTP_client | SNTP]], though it requires you to specify an IP address for the NTP Server. In most cases NTP/SNTP is not required in order to simply have a correct time set on the device, for simplicity you can use the IP Cloud's update time service. Below you can find operation details that are relevant to the IP Cloud's update time service:
* Approximate time (accuracy of several seconds, depends on UDP packet latency)
* Updates time after a reboot and during every DDNS update (when router's WAN IP address changes or after the force-update command is used)
* Send encrypted packets to '''cloud.mikrotik.com''' or '''cloud2.mikrotik.com''' using UDP/15252 port
* Detects time-zone depending on the router's public IP address and our commercial database
{{ Note | Since RouterOS v6.43 your device will use '''cloud2.mikrotik.com''' to communicate with the MikroTik's Cloud server. Older versions will use '''cloud.mikrotik.com''' to communicate with the MikroTik's Cloud server. }}
To enable the time update service:
<pre>
[admin@MikroTik] > /ip cloud set update-time=yes
</pre>
To enable automatic time zone detection:
<pre>
[admin@MikroTik] > /system clock set time-zone-autodetect=yes
</pre>
{{ Note | If <code>/ip cloud update-time</code> is set to <code>auto</code>, then device's clock will be updated with MikroTik's Cloud server time (if no [[ Manual:System/Time#NTP_client_and_server | NTP]] or [[ Manual:System/Time#SNTP_client | SNTP]] client is enabled). }}


= Operation details =
= Operation details =

Revision as of 12:41, 21 September 2018

Applies to RouterOS: v6.14 +

Note: Currently running as public beta. Server availability could vary, and syntax could change


Summary

Since RouterOS v6.14 MikroTik offers a Dynamic DNS name and automatic time update service for RouterBOARD devices. This means that your device can automatically get a working domain name, which is updated each time your public IP address changes and update the device's clock when NTP or SNTP is not available. Dynamic DNS (DDNS) is useful when your device does not have a static IP address and you need an address, which you could use to access the device remotely.

Note: Since RouterOS v6.27 "ip cloud enabled" is renamed to "ip cloud ddns-enabled" this may require some changes in scripts if you are using this feature in a script.


Services

DDNS

DDNS or Dynamic DNS is a service that updates the IPv4 address for A records and the IPv6 address for AAAA records periodically. Such a service is very useful when your ISP has provided a dynamic IP address that changes periodically, but you always need an address that you can use to connect to your device remotely. Below you can find operation details that are relevant to the IP Cloud's DDNS service:

  • Checks for outgoing IP address change: every 60 seconds
  • Waits for the MikroTik's Cloud server's response: 15 seconds
  • DDNS record TTL: 60 seconds
  • Send encrypted packets to cloud.mikrotik.com or cloud2.mikrotik.com using UDP/15252 port

Note: Since RouterOS v6.43 your device will use cloud2.mikrotik.com to communicate with the MikroTik's Cloud server. Older versions will use cloud.mikrotik.com to communicate with the MikroTik's Cloud server.


Since RouterOS v6.43 if your device is able to reach cloud2.mikrotik.com using IPv6, then a DNS AAAA record is going to be created for your public IPv6 address. If your device is only able to reach cloud2.mikrotik.com using IPv4, then only a DNS A record is going to be created for your public IPv4 address.

Note: IP/Cloud requires a working license on Cloud Hosted Router (CHR).


To enable the DDNS service: 

[admin@MikroTik] /ip cloud set ddns-enabled=yes
[admin@MikroTik] /ip cloud print
         ddns-enabled: yes
          update-time: yes
       public-address: 159.148.147.196
  public-address-ipv6: 2a02:610:7501:1000::2
             dns-name: 529c0491d41c.sn.mynetname.net
               status: updated

Note: When the service is enable, a DNS name will be stored on the MikroTik's Cloud server permanently and this DNS name will resolve to the last IP that your IP has sent to the MikroTik's Cloud server.


Warning: Be aware that if router has multiple public IP addresses and/or multiple internet gateways, the exact IP used for the update may not be as expected!


To disable the DDNS service: 

/ip cloud set ddns-enabled=no

Note: When the service is disable, your device sends a command to the MikroTik's Cloud server to remove the stored DNS name.


To manually trigger a DNS update: 

[admin@MikroTik] > /ip cloud force-update

Note: To actually connect to the device using the DNS name provided by cloud server, user must configure router's firewall to permit such access from the WAN port. (Default MikroTik configuration does not permit access to services such as WebFig, WinBox etc. from WAN port)


Update time

Correct time on a device is important, it cause issues with the system's logs, break HTTPS connectivity to the device, tunnel connectivity and other issues. To have your system's clock updated, you can use NTP or SNTP, though it requires you to specify an IP address for the NTP Server. In most cases NTP/SNTP is not required in order to simply have a correct time set on the device, for simplicity you can use the IP Cloud's update time service. Below you can find operation details that are relevant to the IP Cloud's update time service:

  • Approximate time (accuracy of several seconds, depends on UDP packet latency)
  • Updates time after a reboot and during every DDNS update (when router's WAN IP address changes or after the force-update command is used)
  • Send encrypted packets to cloud.mikrotik.com or cloud2.mikrotik.com using UDP/15252 port
  • Detects time-zone depending on the router's public IP address and our commercial database

Note: Since RouterOS v6.43 your device will use cloud2.mikrotik.com to communicate with the MikroTik's Cloud server. Older versions will use cloud.mikrotik.com to communicate with the MikroTik's Cloud server.


To enable the time update service: 

[admin@MikroTik] > /ip cloud set update-time=yes

To enable automatic time zone detection: 

[admin@MikroTik] > /system clock set time-zone-autodetect=yes

Note: If /ip cloud update-time is set to auto, then device's clock will be updated with MikroTik's Cloud server time (if no NTP or SNTP client is enabled).


Operation details

  • Checks for outgoing IP address change: every 60 seconds
  • Waits for the MikroTik's Cloud server's response: 15 seconds
  • DDNS record TTL: 60 seconds
  • Cloud time update: after reboot and during every DDNS update (when router's WAN IP address changes or after the force-update command is used)
  • Time-zone-autodetect: The time zone is detected depending on the router's public IP address and our commercial database

After the device has sent its IP address to the MikroTik's Cloud server, it will stay on the server permanently. DNS name (/ip cloud ddns-name) will resolve to last sent IP address. When user sets /ip cloud set ddns-enabled=no, then the device will send a message to MikroTik's Cloud server to disable the DNS name for this device.

When /ip cloud set ddns-enabled=yes is set, then the device will send encrypted packets to MikroTik's Cloud server using port UDP/15252. For devices using RouterOS v6.43 and newer the encrypted IP/Cloud packets are going to be sent to cloud2.mikrotik.com. For devices using older RouterOS versions (prior to v6.43), encrypted IP/Cloud are going to be sent to cloud.mikrotik.com.

Since RouterOS v6.43 if your device is able to reach cloud2.mikrotik.com using IPv6, then AAAA record is going to be created for your public IPv6 address. If your device is only able to reach cloud2.mikrotik.com using IPv4, then only A record is going to be created for your public IPv4 address.

Note: IP/Cloud requires a working license on Cloud Hosted Router (CHR).


Example

To enable and activate this service:

[admin@MikroTik] /ip cloud set ddns-enabled=yes
[admin@MikroTik] /ip cloud print
         ddns-enabled: yes
          update-time: yes
       public-address: 159.148.147.196
  public-address-ipv6: 2a02:610:7501:1000::2
             dns-name: 529c0491d41c.sn.mynetname.net
               status: updated

To enable time update from cloud service:

[admin@MikroTik] > /ip cloud set update-time=yes

To enable automatic time zone detection:

[admin@MikroTik] > /system clock set time-zone-autodetect=yes

To manually trigger a DDNS update

[admin@MikroTik] > /ip cloud force-update

Note: When force-update is executed, DDNS update to cloud server will be sent immediately, even if router's IP address has not changed. If /ip cloud update-time is set to auto, then device's clock will be updated to cloud server time (if no NTP or SNTP client is enabled).


Properties

Sub-menu: /ip cloud


Property Description
ddns-enabled (yes | no; Default: no) If set to yes, then the device will send an encrypted message to the MikroTik's Cloud server. The server will then decrypt the message and verify that the sender is an authentic MikroTik device. If all is OK, then the MikroTik's Cloud server will create a DDNS record for this device and send a response to the device. Every minute the IP/Cloud service on the router will check if WAN IP address matches the one sent to MikroTik's Cloud server and will send encrypted update to cloud server if IP address changes.
update-time (yes | no; Default: no) If set to yes then router clock will be set to time, provided by cloud server IF there is no NTP or SNTP client enabled. If set to no, then IP/Cloud service will never update the device's clock. If update-time is set to yes, Clock will be updated even when ddns-enabled is set to no.
public-address (read-only: address) Shows device's IPv4 address that was sent to cloud server and assigned to DNS name (see dns-name). This field is visible only after at least one ddns-request was successfully completed.
public-address-ivp6 (read-only: address) Shows device's IPv6 address that was sent to cloud server and assigned to DNS name (see dns-name). This field is visible only after at least one ddns-request was successfully completed.
warning (read-only: string) Shows a warning message if IP address sent by the device differs from the IP address in UDP packet header as visible by the MikroTik's Cloud server. Typically this happens if the device is behind NAT. Example: "DDNS server received request from IP 123.123.123.123 but your local IP was 192.168.88.23; DDNS service might not work"
dns-name (read-only: name) Shows DNS name assigned to the rdevice. Name consists of 12 character serial number appended by .sn.mynetname.net. This field is visible only after at least one ddns-request is successfully completed.
status (read-only: string) Contains text string that describes current dns-service state. The messages are self explanatory
  • updating...
  • updated
  • Error: no Internet connection
  • Error: request timed out
  • Error: REJECTED. Contact MikroTik support
  • Error: internal error - should not happen. One possible cause is if router runs out of memory


Advanced

Sub-menu: /ip cloud advanced


Property Description
use-local-address (yes | no; Default: no) By default, the DNS name will be assigned to the detected public address (from the UDP packet header). If you wish to send your "local" or "internal" IP address, then set this to yes

[ Top | Back to Content ]

Retrieved from "https://wiki.mikrotik.com/index.php?title=Manual:IP/Cloud&oldid=32101"